Facebook threat uses video clips to harm users
Our client Fortinet (www.fortinet.com), the worldwide #1 vendor of unified threat management appliances, has discovered
a major new threat to Facebook users.
The attack involves Facebook messages that trick users into watching an online video, usually via click through to
another site like Google Reader or Picasa. The videoclip is actually an attack, and prompts the user to install an
upgrade to allow them to view the video.
Because the attacks are occurring via trusted sites like Facebook and Google, there is a very good chance that unwary
users of those sites will agree to download the attack, and suffer the consequences.
Simple steps for users to avoid the problem:
1) Beware of any Facebook message suggesting you click on a web link
2) Never agree to install extra things when you click on a video. If you need to upgrade your software, visit the
software manufacturers site and follow their instructions.
3) Make sure your computer is always up to date with the latest security patches, and that you have up-to-date antivirus
and web filtering enabled.
Full details outlining the attack, including screen shots can be found here: http://fortiguardcenter.com/advisory/FGA-2008-26.html
ENDS